ID de Prueba:	1.3.6.1.4.1.25623.1.0.883021
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for openssl CESA-2019:0483 centos7
Resumen:	The remote host is missing an update for the 'openssl'; package(s) announced via the CESA-2019:0483 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the CESA-2019:0483 advisory. Vulnerability Insight: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Perform the RSA signature self-tests with SHA-256 (BZ#1673914) Affected Software/OS: openssl on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5407 BugTraq ID: 105897 http://www.securityfocus.com/bid/105897 Debian Security Information: DSA-4348 (Google Search) https://www.debian.org/security/2018/dsa-4348 Debian Security Information: DSA-4355 (Google Search) https://www.debian.org/security/2018/dsa-4355 https://www.exploit-db.com/exploits/45785/ https://security.gentoo.org/glsa/201903-10 https://eprint.iacr.org/2018/1060.pdf https://github.com/bbbrumley/portsmash https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html RedHat Security Advisories: RHSA-2019:0483 https://access.redhat.com/errata/RHSA-2019:0483 RedHat Security Advisories: RHSA-2019:0651 https://access.redhat.com/errata/RHSA-2019:0651 RedHat Security Advisories: RHSA-2019:0652 https://access.redhat.com/errata/RHSA-2019:0652 RedHat Security Advisories: RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:2125 RedHat Security Advisories: RHSA-2019:3929 https://access.redhat.com/errata/RHSA-2019:3929 RedHat Security Advisories: RHSA-2019:3931 https://access.redhat.com/errata/RHSA-2019:3931 RedHat Security Advisories: RHSA-2019:3932 https://access.redhat.com/errata/RHSA-2019:3932 RedHat Security Advisories: RHSA-2019:3933 https://access.redhat.com/errata/RHSA-2019:3933 RedHat Security Advisories: RHSA-2019:3935 https://access.redhat.com/errata/RHSA-2019:3935 https://usn.ubuntu.com/3840-1/
Copyright	Copyright (C) 2019 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.